Backup

This document describes the processes that support the following company policies:

Update Data Inventory

Task: Update Data Flow Map

  • Performed by: Head of Engineering
  • Frequency: Annually

TODO: describe how to proceed

Retention of Security Documentation and Audit Trails

All security documentation and audit trails are kept for a minimum of one year, unless otherwise specified by Narrative's Data Classification Policy, specific regulations, or contractual agreement.

As of October 2023, AWS Cloudtrail is what we consider our audit trail that needs to be kept for a minimum of one year.

RDS Multi-Region Backup

RDS databases are backed up and the backups are replicated to a different region on a daily basis using the built-in RDS mechanisms.

When setting up an RDS database:

  • marketplace-db setup can be used as a template
  • Whenever a database is created, the following things need to be taken care of:
    • Daily backups should be enabled
    • Retention should be configured to 7 days minimum
    • Backups should be replicated to us-west-2 using a KMS key specific to the replica
    • Retention of the replicated backups should be configured to 7 days minimum

Monitoring:

  • A lambda health check runs once a day to ensure that all databases have up to date backups and that these backups are replicated to us-west-2. Missing backups will result in an alert in Slack's #auto-techops.

Source Code Repositories

Github repositories are backed up to AWS S3 on a daily basis using Github workflows.

When creating a repository:

Monitoring:

  • A lambda health check runs once a day to ensure that Github repositories have up to date backups. Missing backups will result in an alert in Slack's #auto-techops.
Table of Contents